Monday, October 19, 22:30
Home security Visa warns of new skimmer Baka

Visa warns of new skimmer Baka

Visa has issued a warning about a new e-commerce JavaScript skimmer known as Baka, which automatically "leaves" the memory after extracting the stolen data.

The credit card theft script was discovered by Visa Payment Fraud Disruption (PFD) researchers in February 2020, while a command and control was examined (C2) server that previously hosted an "ImageID web skimming kit".

visa

Last year, Visa discovered another JavaScript web skimmer known as Pipka, which quickly spread to the Internet. stores after being initially spotted on e-commerce sites in North America in September 2019.

Avoid detection and analysis

In addition to the standard basic scanning capabilities such as data exfiltration using image requests, Baka has advanced design which shows that it is a project of a specialized malware developer.

“The skimmer loads dynamically to avoid static malware scanners and uses unique parameters encryption for every victim to hide the malicious code ", says the Visa notice.

"The PFD estimates that this skimmer variant avoids detection and resolution by removing itself from memory when it detects dynamic resolution with Developer Tools or when data have been successfully exported. ”

Baka has been spotted by Visa in many online stores in various countries.
Visa recommends that financial institution members, e-commerce merchants, service providers and third-party providers refer to the document called "What To Do If Compromised" (WTDIC), which contains instructions on whether their payment systems are compromised.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

Windows 10: Microsoft has released a new task manager for gamers

If your computer games are slow or slow, you can free up resources in Windows 10 using the new task manager ...
00:01:51

NASA's Osiris-Rex is expected to land on the asteroid Bennu tomorrow

NASA's Osiris-Rex spacecraft will land on a large asteroid for a while on Tuesday and will collect some rocks and ...

How to turn off all vibrations on your iPhone completely

Some people are particularly sensitive to the vibrations of their iPhone, either for personal or medical reasons. Thanks to...

How to convert Keynote presentations to Microsoft PowerPoint

Apple presentation software does all the hard work when converting a PowerPoint presentation to Keynote. Doing the opposite, ...

QAnon Conspiracy Theories: YouTube removes them from the platform

YouTube is the latest social networking site to launch a campaign against the spread of QAnon conspiracy theories.

Vizom: New malware hijacks bank accounts

Vizom disguises itself as a popular "videoconferencing software", with meetings all online due to the pandemic. Investigators...

The Windows 10 Calculator has been ported to Linux

The Windows 10 Calculator has been ported to Linux and can be installed from the Canonical Snap Store. The ...

System breach exposes Kleenheat customer data

Australian-based gas company Kleenheat has warned some of its customers of data breaches, which may ...

US Election: Candidates manipulate voters via email!

The politicians who are candidates for the upcoming US elections use psychological tricks and "dark" patterns in their emails to ...

Google Chrome and Edge create random debug.log logs

An error in the latest version of Chrome and other Chromium-based browsers causes random debug.log files to be created ...